Firewall log shows internal ip blocked to wan ip
-
Hi i have noticed i have alot of log messages that internal ip adresses is blocked going to outside.
This happens from different ip adresses from inside going out.
I have an Allow any from lan to wan rule.Can someone help me with why i see this in my log?
-
The screen-grab you've posted is missing the first column (Act), which indicates whether the traffic is being blocked or not. A green arrow means it's being let through, a red cross means it's being blocked. You're only showing the source column as the leftmost column so this doesn't indicate to me that anything is being stopped at all. Post a complete screen-grab of your firewall logs and we'll see if your web traffic is really being blocked or not.
-
Hi sorry for this.
Here is a new pic
-
This seems to have been discussed in another thread on this forum:
https://forum.pfsense.org/index.php?topic=39960.0
Looks like you're simply logging out-of-state packets.
-
This seems to have been discussed in another thread on this forum:
https://forum.pfsense.org/index.php?topic=39960.0
Looks like you're simply logging out-of-state packets.
Hi thanks for this
BR -
yeah this gets brought up a lot.. Those are just your typical out of state… Phones seem to do it quite a bit when they switch from say cell data to using wifi and try to just continue with a session vs creating a new one.
So to pfsense that traffic has not existing state so it would be blocked.
https://doc.pfsense.org/index.php/Why_do_my_logs_show_%22blocked%22_for_traffic_from_a_legitimate_connection